CVE-2013-2338
Last modified
CVE-2013-2338 is a vulnerability of currently unknown severity. Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.. EPSS estimates a 10.72% chance of exploitation in the next 30 days.
Description
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hp | Integrated Lights-Out 3 Firmware | <= 1.55 |
| Hp | Integrated Lights-Out 3 Firmware | 1.00 |
| Hp | Integrated Lights-Out 3 Firmware | 1.05 |
| Hp | Integrated Lights-Out 3 Firmware | 1.20 |
| Hp | Integrated Lights-Out 3 Firmware | 1.26 |
| Hp | Integrated Lights-Out 3 Firmware | 1.28 |
| Hp | Integrated Lights-Out 3 Firmware | 1.50 |
| Hp | Integrated Lights-Out 4 Firmware | <= 1.20 |
| Hp | Integrated Lights-Out 4 Firmware | 1.11 |
| Hp | Integrated Lights-Out 4 Firmware | 1.13 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-2338?
How severe is CVE-2013-2338?
How do I fix CVE-2013-2338?
Are you affected by CVE-2013-2338?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST